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AN ASYMMETRIC SYSTEM AND METHOD FOR TAMPER-PROOF 
STORAGE OF AN AUDIT TRAIL FOR A DATABASE 



Cross Reference 

The application is a Continuation-in-Part application of the U.S. Patent 
Application Serial No. 09/634,445, which was filed on August 8, 2000, entitled 
"Method and System for Providing a Tamper-Proof Storage in an Audit Trail in a 
5 Database/ 7 

Background of the Invention 

The present invention relates generally to computer software, and more 
particularly, to a system and method for storing data in a tamper proof storage, 

10 In today's computer network environment, large volumes of data are 

customarily stored and used by various software applications. Data 
management has become an essential task for many data intensive industries. A 
smooth business operation depends both on the efficiency and security of the use 
of the stored data. From the perspective of data management, a database 

15 administrator (DBA) is powerful in that he usually has full access to the entire 

database and all contents stored therein. He can read, write and modify any data 
stored in the database. In a normal situation, the DBA is endowed with the 
highest level of trust because of his enormous responsibility. In certain cases, it is 
desirable to store data in a database in a secure way such that even a privileged 
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user like the DBA should not be able to modify records without detection. For 
example, it is very important to protect a monotonically increased audit trail 
which records actions taken by a user along with his identity against 
modifications. No one should be able to modify this trail, thus an independent 

5 auditor can trace any user's, even the DBA's, actions relating to the database, 
whereby the integrity and the security of the database are greatly enhanced. 

The normal practice consists of reading audit trail data in a database 
directly through SQL, JDBC or any such standard client program. Several 
conventional methods are used for protecting the integrity of the audit trail in a 

1 0 database system. For example, the entire audit trail can be encrypted. Although 
this encryption prevents access to the trail by the DBA, it does not prevent him 
from deleting certain records without being detected. Also it hinders the normal 
practice of reading the trail by users of the database. 

As an alternative solution, the audit trail can be validated by a signing 

1 5 process. The signing process corresponds to a digital signature operation which 
is well known in the industry. This signing process for generating a signature 
involves taking a message of any length, forming an "imprint" of the message to 
a fixed length by hashing, and mathematically transforming the hash using 
cryptographic techniques. While the signature can be generated only by the 

20 signer, any other user can verify the generated signature. If a trail for which the 
signature is attached has been tampered with, the verifier cannot successfully 
validate the digital signature. The signing process is directed to the entire trail, 
not a specific record in it. Under a typical scenario, after all the existing records 
have been collated, a signature is then generated for the entire trail, and the 

25 resulting signature is put in a secure place. Therefore, every time a new record is 
added to the database, the audit trail is signed again. This method has a heavy 
processing and computational overhead as the entire audit trail needs to be 

-2- 
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accessed and signed every time a record is added. 

In another alternative solution, the records can be validated by requiring a 
signature of each record. This method validates the individual records but still 
fails to prevent the DBA from deleting records without detection. 

5 The process of auditing a database audit trail is expected to conform to 

"four eyes principle/' This means that there can be two or more auditors who 
separately and independently track a database audit trail. The audit trail starts 
with the joint participation of all the auditors. The auditors are supposed to 
maintain a "non-trusting" attitude towards each other and strictly track the audit 

10 trail for database integrity. All solutions to tamper-proof storage discussed in 
the above paragraphs are presented in the single auditor framework and hence 
cannot be applicable to auditing process that requires "four eyes principle." 

What is needed is an efficient method and system for supporting a secure 
database system so that any modifications of the audit trail in a database system 

15 by any user, including the privileged user like the DBA, would be detectable. 
The proposed method and system should also support "four eyes principle" for 
auditing. 

20 Summary of the Invention 

A method and system is provided for a tamper-proof storage of an audit 
trail in a database having one or more records. Since the integrity of the audit 
trail may be vulnerable to actions taken by an access-privileged user such as a 
database administrator, a mechanism is provided for authorized persons such as 
25 one or more auditors to efficiently detect any changes made by the user to the 
records in the audit trail. 

In one example of the present invention, an audit trail has one or more 



r 
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records, each record having a corresponding authentication token and a 
validation token. If there are two or more auditors, then the trail record will 
have separate validation tokens for each of the auditors. The database has a 
writing machine (writer) which is not under the control of the access-privileged 
5 users or the auditors. 

The audit trail is initiated by generating an initial value of the 
authentication token and an initial value of the validation token based on a first 
encryption key generated by the writer (writer public key) and a second 
encryption key generated by the auditor (auditor public key). In a case of two or 

1 0 more auditors, separate validation tokens are generated for each auditor based 
on his public key. Complimentary to the writer public key and the auditor 
public key, a third encryption key (writer private key) related to the first 
encryption key and a fourth encryption key (auditor private key) related to the 
second encryption key are also created. While integrating the values of the 

15 validation token(s) and the writer public key into each corresponding record of 
the audit trail, the values of the authentication token, and the writer public key 
are constantly updated for the next record. The writer has an access to the 
auditor public key, and the auditor has an access to the writer public key. 
However, only the writer has an access to the writer private key, and only the 

20 auditor has an access to the auditor private key. Each auditor has the ability to 
compute the values of the validation token for the records to verify against the 
integrated values of the validation token in order to detect a tampering of the 
audit trail by any access-privileged user. 

Various benefits are achieved over conventional approaches. For instance, 

25 the security of the entire trail in a database is strengthened, while normal 

database queries are not hindered. Further, any actions taken against the records 
in the trail can be detected without involving a computationally expensive 
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process. Additionally the auditing process satisfies the requirements of a "four 
eyes principle/ 7 

5 Brief Description of the Drawings 

Fig. 1 illustrates a simplified graphical representation of a tamper proof 
database system. 

Fig. 2 illustrates a computer system for implementing the present 
invention. 

10 

Description of the Preferred Embodiment 

While it is not an objective of the present invention to prevent the 
database administrator (DBA) from accessing the database under his control or 
hinder his daily work in any way, the present invention intends to provide a 

15 security system for improving the reliability of the audit trail in a database by 
assuring that any modification or deletion of the records in the trail can be 
detected by an independent auditor. 

Referring now to Fig. 1, a simplified tamper proof database system (DB) 
10 is shown. The DB 10 contains a main database operations manager (DBOM) 

20 12 and database storage 14. The Secure Store (SS) 22 stores secured information 
and performs access control based on a user's identity. The SS 22 is essentially a 
database containing information about network users, network devices, and 
other resources of a network. It helps to manage users, the network resources, 
and information on the network by providing an administrator/ operation 

25 manager which has a precise view of network resources and services at any 

instant of the network operation. In some examples of the present invention, the 
SS 22 can be a software module, a hardware component, or a combination of 

-5- 
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both software and hardware components. The SS 22 is also a secured 
information storage for storing sensitive information in a confidential form. The 
SS 22 stores information for all entities in a computer network environment, the 
entities being users, computer hardware devices, or software modules, etc. 

5 Every entity is entitled to an exclusive access to a partitioned area in the SS 22. 
For example, an auditor 20 is only given access to his related part of the SS 22 if 
he is authenticated by password or through other authentication methods. The 
SS 22 then provides information, applications, and communications accesses to 
the user after a successful authentication process. Connected to or contained in 

10 the DBOM 12 is a software engine or server that writes data to the database 
storage 14 or the SS 22. It is heretofore referred to as a writing machine or a 
writer 16. The writer 16 is decoupled from the DB 10 and is not under the control 
of the DBA. The entire DB 10 interacts with users such as a user 18 and the 
auditor 20 based on predetermined access conditions. A typical database system 

15 such as one provided by Oracle Corporation can be used as the DB 10 in the 
present invention. In some cases, the SS 22 can be a Novell Directory Services 
system (NDS) or the Secret Store System in NDS. The writer 16 can be a network 
loadable module (NLM) running on a software platform such as Novell's 
NetWare. The network loadable modules are program modules that perform 

20 specific tasks. For example, specific program modules can be written to 
implement the functionality of a writer. 

In order to implement various examples of the present invention, one 
common process involved is an encryption process. This process is to encrypt a 
plain readable message through mathematical transformation so that it is no 

25 longer readily decipherable. The transformed message after the encryption 
process is usually referred to as a ciphered message. The receiver performs 
reverse transformation on the ciphered message to obtain the original plain 
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message. The forward and reverse transformation encryption transformations 
require a shared secret key. The sharing of a secret key is facilitated using a 
public private key pair. The sender encrypts the shared secret key using the 
receiver's public key and sends the ciphered message to the receiver. The 

5 receiver decrypts the shared secret key using his private key. Only the intended 
receiver can decrypt properly and get the shared secret key, as he is the only one 
with the knowledge of his private key. Since the sender and the receiver use 
different keys for encryption and decryption of the same data, this scheme is also 
called as an asymmetric key scheme. 

10 The writer and the auditor can use a public key cryptographic technique, 

for example, Diffie-Hellman key exchange technique, to arrive at a shared key 
which can then be used to compute authentication and validation tokens. In a 
Diffie-Hellman (D-H) scheme, each of the participants generates a private and 
public key pair. Only the public key of the public-private key pair is made 

15 public. Though the private and public key are mathematically related, obtaining 
the private key from the knowledge of the corresponding public key is 
computationally infeasible. This problem is well known as the discrete logarithm 
problem. By choosing the length of the key pair appropriately, efforts to break 
the discrete logarithm problem can be made as high as desired. The participants 

20 involved in a D-H scheme exchange their public keys. Then they perform 
exponentiation of the obtained public key which could be used further for 
encryption purposes. In order to facilitate proper mathematical operations, an 
appropriate (large enough so that discrete log problem is infeasible) prime 
number field is chosen. The modulus of the number field is denoted by P and 

25 the operations supported are modular additional and modular multiplication. 
The number field has P-l nonzero elements and a is denoted as the generating 
base which generates all the nonzero elements of the number field as 1, a 1 (mod 
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P), a 2 (mod P, . . .,a?- 1 (mod P). If a private key is chosen as W, then the 
corresponding public key is a w (mod P). For the sake of notational convenience, 
the public key is written as ot w . All computations are assumed to be performed 
modulo P unless otherwise specified. 

5 Hence, the security of the shared secret key exchange algorithm is 

primarily measured by the design of the public and private keys, and most likely 
in the digit length of these keys. By increasing the key length, the difficulty level 
to break the encryption algorithm is increased, and the ciphered message is more 
secure in transmission. 

10 Another common process used by various examples of the present 

invention is called a hashing process (or a "hash" in short). A hash is a process of 
transforming a message of any length into an output message with a fixed 
length. The output message is called a digest. By definition, a hashing process 
maps a message of arbitrary length into a digest of a predetermined length. A 

1 5 secure hashing algorithm is designed so that it is computationally unfeasible to 
determine an input message from its corresponding output digests. Although 
there are a significant number of hashing algorithms known in the art, some 
well-known hashing algorithms are MD4, MD5, and Secure Hashing Algorithm 
(SHA). 

20 For the purpose of explaining examples of the present invention, some 

other technical terms are defined summarily below: 
Ai- ith Authentication token. 
Ri - ith Record. 

Di - String formed by concatenating fields of the ith Record or 
25 referred to as the data section of the ith Record. 

Vi - Auditor Validation token for the ith Record. 
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H(x) - A secure hash of the string x. 

Ek {x}- Encrypt x with key k. 

X+Y - Concatenation of strings X and Y. 

P - Prime Number for Exponentiation Operation. 
5 a - The generator of Prime Number Field. 

AUD - auditor private key 

cc AUD (mod P) - Auditor Public Key. 

Wi - i-th writer private key 

oc Wl i-th writer public key 
10 In one example of the present invention, an audit trail is carefully created 

and maintained. In essence, the audit trail is a database system log used for 
security purposes. The audit trail is normally used for keeping track of 
operations applied to the database system in general, along with user identities. 
Since a user is granted access to the database after an authentication process, the 
15 identity of the user is known to the database, the audit trail thus can record "who 
has done what" to the database. 

The audit trail also includes values of a validation token relying on which 
any tampering of the audit trail may be detected. In general, a validation token 
is a field in a record of the audit trail. When an original record is initially stored 
20 to create the audit trail, it is written along with an initial value of the validation 
token. As it will be discussed later in more detail, in one example of the present 
invention, a mathematical representation for an algorithm to generate the 
validation token can be represented by the following equations: 

Vi = H(VLi + E Ai {Di}), 
25 wherein Ai is referred to as a value of an authentication token. Hence, the 

key to the encryption process for generating a validation token is its related 
authentication token. A series of authentication token values can be generated 
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by employing an encryption key exchange technique between the writer and an 
auditor. For instance, for the record (e.g., Ri), the writer generates a writer 
private key called Wi, computes and stores a writer public key a Wi . The auditor 
also generates an auditor private key AUD and an auditor public key a AUD . 
5 After the auditor sends the auditor public key to the writer and the writer 
performs an exponentiation with a AUD as the base and the writer private key Wi 
as the exponent. This operation is represented as 

Ti = ( a AUD*WimodP-l) ( mo d P) 

where P is a prime number, (mod P) denotes modulo P operation and Ti is the 
10 intermediate result. The writer then computes the corresponding authentication 
token according to the following process formula: 
Ai = H (Ti (mod P)) 

where H denotes a one-way hash function. Using this authentication token to 
processes the data Di in accordance with the method explained above, the 
15 validation token Vi is then generated. It is clear that the computation of 
validation token Vi by the writer requires, among others, the knowledge of 
writer private key Wi and auditor public key oc AUD . 

With the validation tokens created for the audit trail of the database, both 
Vi and Di are stored in the DB 10 as part of Ri. 
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Table 1 below shows different sections/ fields of the database according to 
one example of the present invention. 



Data Sector for 


Writer- 


Validation 


Validation 


the Record 


Public Key 


Token for 


Token for 




Auditor A 


Auditor B 


Do 


a wo 


Vo 


Uo 


Di 


a wl 


Vi 


Ui 










Dn 


a Wn 


V n 


U n 



Table 1 



5 There are generally three major sections, the section labeled as Data Sector 

of the Record contains the actual database record field, the Writer Public Key 
section includes a writer public key computed by the writer for the 
corresponding records, and the Validation Token section shows the validation 
token values written by the writer and verifiable by the auditors such as Auditor 

10 AandB. 

To start an auditing process, an auditor trail needs to be initialized. 
According to one example the present invention, both the writer and the auditors 
are required to participate in the process. For starting the audit trail, the writer 
generates a first writer private key Wo and the corresponding writer public key 
15 a wo , and transmits a wo to all the auditors. Each auditor also generates his 

private key AUDn and the corresponding public key ot AUDn . The auditor sends 
his respective auditor public key to the writer and the other auditors. The 
auditors together generate a common initialization key, ot INIT - AUD ~ COM and IDaud, 
the common name or identification for the audit trail. The common initialization 
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key can be computed either using Group Diff ie-Hellman techniques or having 
each auditor send a pseudo random number (PRN) to other auditors using 
public key encryption and the common key is generated by combining the PRNs 
of all the auditors. Each auditor computes a temporary parameter X by 
5 concatenating an audit trail identity IDaud, a writer public key a wo , the common 
initialization key a INIT - AUD - C0M and the auditor's public key a AUDn or 
mathematically: 

X= IDaud + oc wo +cc AUD * + a INIT " AUD - COM 
if there are more than one auditor, then all auditor public keys are appended in 
10 the above formula to appear as: 

X= IDaud + a wo + a INIT - AUD - COM1 + a AUD1 + . . ,+a AUDn . 

With the value X, the auditor with the public key a AUDi then forms Do by 
running a hash function over X (i.e., Do^Hash (X)). Thereafter, the initial value of 
the authentication token is created as Ao= H(a AUDi * W0 ). With the initial value of 
15 the authentication token Ao and Do, the initial value of the validation token can 
be generated as: 

Vo = H(A 0 + Eao{D 0 }). 

The first record Ro then stores a wo and Vo as shown in Table 1. The 
auditor private key AUDi, the IDaud, a INIT - AUD - C0M , and Do are further stored in 
20 the designated SS 22 for the auditor. For audit purposes, there are two 
designated fields added to the Database. One for storing the writer public key 
a Wi , and the other for holding the validation token value Vi. If there is another 
auditor, say B, the computational steps shown above are repeated with his audit 
public key. There will be one more field in the database to hold the validation 
25 token Ui for the auditor B. 

When writing more entries to the audit trail, the writer private keys and 
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validation token values are generated step by step in a // chaining // fashion. First, 
the values of cc Wi (mod P) and ot AUDi * Wi (mod P) are calculated by raising a and 
a AUDi t 0 the exponent Wi, so that the authentication token value for a record can 
be computed as: 
5 Ai = H(a AUDl * Wi (™ d M ) (mod P)). 

With the authentication token Ai in hand, the validation token is 
computed as: 

Vi=H(Vi-i +E Ai {Di}) 

wherein Ai is the encryption key for i-th auditor. If there are "n" auditors, 
10 the encryption keys are respectively Ai, A2, ..A n . Finally, the writer private key 
is updated as: 

W i+ i = H(Wi + Ai + A 2 + ... + An). 

The authentication keys Ai's are immediately deleted after their usage in 
generating the new writer private key Wi+i. The computed a Wi and Vi are stored 
15 as part of the record Ri of the database. Wi+i is stored in the designated SS 22 for 
the writer to irreversibly replace the previous value Wi. For the writer private 
keys, only the writer has a full access (e.g., read and write rights). 

For a validation process, the verification of validation token requires the 
knowledge of both the auditor private key and the writer public key oc Wi . The 
20 auditor private key and Do are extracted from the SS 22 of the auditor using his 
own access privileges. The audit trail is then validated from the first record 
downwards. For every record, both the authentication token and the validation 
token values are computed using the algorithm described above and the 
computed validation token is compared with the validation token stored in the 
25 audit trail. Any mismatch between them indicates a tampering of the trail 

As the writer and the auditor use asymmetric key based computations to 
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perform, respectively, writing and validating operations, the audit trail thus 
implemented is referred to as an asymmetric audit trail. 

The audit trail thus created is tamper-proof. An attacker would have to 
solve discrete logarithm problem to know the writer private keys from the writer 
5 public keys. Further, the auditor's public key is stored in writer's SS, which is 
secure from unauthorized accesses. The validation token value computation 
requires the previous validation token as a parameter and hence a chaining effect 
in terms of generating the validation token values (or a "hash chaining effect") is 
ensured. 

10 As it is known, an audit trail can usually be tampered with in five 

different ways: 

1 . deletion of the whole audit trail; 

2. deletion of N records in the middle of the audit trail; 

3. deletion of N records from the end of the audit trail; 
15 4. addition of invalid records to the audit trail; or 

5. modification of one or more records in the audit trail. 
The present invention can successfully and efficiently deal with all the 
above-listed possible ways of tampering. For example, since the data for the first 
record is stored in the Secure Store, and the DBA doesn't have access to it, 
20 therefore he can not replace the whole audit trail with an invalid one without 
being detected. 

Assuming for the purpose of illustration that the DBA deletes N records 
Ri+i to Ri+N, thus the last validatable record is record Ri. The next record should 
have authentication token and validation token calculated as follows according 
25 to one example of the present invention: 

Validation Token = V i+ i = H (Vi + E A i+i{D M }}) 
However, the next validation token found in the SS 22 is not Vi+i, but Vi+n+i 
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originally for record Ri+n+i, where 

V = H (Vi+N-l + EAi+N-l{Di+N-l}) 

Assuming the cryptography technology used in the encryption process is strong 
enough, (e.g., if a hash function having good security property is chosen, the 

5 probability of V being the same as Vi+i is negligible), Vi+n+i should be different 
from Vi+i and a mismatch should almost always be detected. 

Assuming that the DBA deletes N records from the end of the trail (e.g., 
from Ri-N to Ri wherein Ri being the last record listed in the audit trail). This 
action, whether authorized or not, can be detected. The validation token 

10 generated at the end of the trail is now: 

Vi-N = H(Vi-N-l + EAi-N-l{Di-N-l}). 

However the token in the SS 22 is 

Vi = H(Vi-i + E A i{Di}) 
It is highly probable that these two validation tokens will differ which indicates 
15 that a modification of the trail has happened. 

Moreover, it is desirable to detect any addition of the records to the audit 
trail by the DBA. For example, since the validation token for a record Ri is 
generated in one example of the present invention by the following mechanism: 

V^H^i + EAifDi}) 

20 and as the DBA doesn't have access to Aihe cannot generate a valid validation 
token for the new record added by him. Any additions can be detected 
immediately. 

Similarly, for modification of the record listed in the trail, since the DBA 
doesn't have access to any authentication token, he cannot generate a valid 
25 validation token for a record modified by him. Consequently, any modification 
can also be detected. 
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In the above-described examples of the present invention, it is assumed 
that the writer is a secure writing machine which has a secure storage not 
accessible by any user other than the auditor who may have a reading access. At 
a very minimum, even when an event happens that breaks the security, it is 
5 guaranteed that all records written before the event will be protected from 
tampering. This is because the writer private key for earlier records are not 
available to the attacker and therefore validation tokens for them cannot be 
generated without solving discrete logarithm problem. 

It will also be understood by those having skill in the art that one or more 

10 (including all) of the elements/ steps of the present invention may be 

implemented using software executed on a general purpose computer system or 
networked computer systems, using special purpose hardware-based computer 
systems, or using combinations of special purpose hardware and software. 
Referring now to Fig. 2, a typical computer system 100 includes a 

15 two-dimensional graphical display (also referred to as a "screen") 102 and a 
central processing unit 104. The central processing unit 104 contains a 
microprocessor and random access memory for storing programs. A disk drive 
106 for loading programs may also be provided. A keyboard 108 having a 
plurality of keys thereon is connected to the central processing unit 104, and a 

20 pointing device such as a mouse 110 is also connected to the central processing 
unit 104. 

The present invention, as described above, provides an improved method 
for providing a tamper-proof storage of an audit trail in a database. Various 
benefits are achieved over conventional approaches. For instance, the security of 
25 the entire database is strengthened, while normal database queries are not 

hindered. Further, any actions taken against the records in the audit trail can be 
detected without involving a computationally expensive process. It also 
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accommodates the need to implement the "four eyes principle/' 

The above disclosure provides many different embodiments, or examples, 
for implementing different features of the invention. Specific examples of 
components, and processes are described to help clarify the invention. These are, 
5 of course, merely examples and are not intended to limit the invention from that 
described in the claims. For example, various acceptable encryption algorithms 
can be conceivably used in conjunction with various examples of the present 
invention. Similarly, hashing algorithms can also be varied by one skilled in the 
art. 

10 While the invention has been particularly shown and described with 

reference to the preferred embodiment thereof, it will be understood by those 
skilled in the art that various changes in form and detail may be made therein 
without departing from the spirit and scope of the invention, as set forth in the 
following claims. 
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WHAT IS CLAIMED IS: 

1 1. A method for providing one or more independent auditors an 

2 audit trail having one or more records for a database system, an integrity of the 

3 audit trail being vulnerable to actions taken by an access-privileged user other 

4 than the auditors, the database system having a writing machine (writer) not 

5 under the control of the access-privileged user or the auditors, each record 

6 having a corresponding authentication token and a validation token, the method 

7 comprising: 



8 initiating the audit trail by generating an initial value of an authentication 

9 token and an initial value of a validation token based on a first encryption key of 

10 a first type (writer public key) generated by the writer and a second encryption 

1 1 key of the first type generated by each Auditor (auditor public key); 

12 generating a third encryption key of a second type (writer private key) 

13 related to the first encryption key and a fourth encryption key of a second type 

14 (auditor private key) related to the second encryption key; 

15 updating the values of the writer private key, the authentication token, 

16 and the validation token while integrating the values of the validation token and 

17 the writer public key into each corresponding record of the audit trail; and 

18 validating, by the auditor, each record of the audit trail by comparing the 

19 integrated validation token with a newly computed validation token in order to 

20 detect a tampering of the audit trail. 

1 2. The method of claim 1 wherein the step of initiating further 

2 includes storing the initial values of the validation token and the writer public 

3 key in an initial record of the audit trail. 
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1 3. The method of claim 1 wherein the step of initiating further 

2 includes: 

3 concatenating a predetermined identity for the audit trail, and a common 

4 initialization encryption key generated by the auditor with the auditor public 

5 key and the writer public key; 

6 generating the initial value of the validation token through at least one 

7 hashing process and at least one encryption process using the concatenated 

8 result, 

9 wherein the initial value of the authentication token is used as an 
10 encryption key for the encryption process. 

1 4. The method of claim 1 wherein the step of generating further 

2 includes: 

3 storing the auditor private key in a first secured storage accessible only by 

4 the auditor; and 

5 storing the writer private key in a second secured storage accessible only 

6 by the writer. 
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1 5. The method of claim 1 wherein the step of updating further 

2 includes: 

3 updating the value of the writer private key; 

4 updating the value of the writer public key based on the updated writer 

5 private key; 

6 updating the value of the authentication token by a hashing process based 

7 on the updated value of the writer private key and the auditor public key; and 

8 updating the value of the validation token through at least a hashing 

9 process and an encryption process, 

1 0 wherein the updated authentication token is used as an encryption key for 

1 1 the encryption process while updating the value of the validation token. 

1 6. The method of claim 1 wherein the newly computed validation 

2 token is generated by the auditor based on the auditor private key and the writer 

3 public key. 
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1 7. A method for providing at least one independent auditor an audit 

2 trail, the audit trail having one or more records recording actions taken against a 

3 database system, the integrity of the audit trail being vulnerable to actions taken 

4 by an access-privileged user other than the auditor, the database system having a 

5 writing machine (writer) not under the control of the access-privileged user or 

6 the auditor, the method comprising: 

7 integrating into each record a corresponding value of a validation token 

8 generated based on a first pair of public-private encryption keys generated by 

9 the writer and a second pair of public-private encryption keys generated by the 

10 auditor, 

1 1 wherein the writer has an access to the public encryption key of the 

12 second pair (auditor public key), and the auditor has an access to the public 

13 encryption key of the first pair (writer public key), 

14 wherein only the writer has an access to the private key of the first pair 

15 (writer private key), and only the auditor has an access to the private key of the 

16 second pair (auditor private key), and 

17 wherein the auditor has the ability to compute the values of the validation 

1 8 token for the records to verify against the integrated values of the validation 

19 token in order to detect a tampering of the audit trail by the access-privileged 

20 user. 
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1 8. The method of claim 7 wherein the step of integrating further 

2 includes: 

3 initiating the audit trail by generating an initial value of the authentication 

4 token and an initial value of the validation token for an initial record of the audit 

5 trail based on the writer public key and the auditor public key; and 

6 updating the values of the writer private key, the authentication token, 

7 and the validation token, 

8 wherein each updated value of the validation token is integrated into a 

9 corresponding record of the audit trail. 

1 9. The method of claim 8 wherein the step of initiating further includes: 

2 concatenating a predetermined identity for the audit trail, and a common 

3 initialization encryption key generated by the auditor with the auditor public 

4 key and the writer public key; and 

5 generating the initial value of the validation token through at least one 

6 hashing process and at least one encryption process using the concatenated 

7 result, 

8 wherein the initial value of the authentication token is used as an 

9 encryption key for the encryption process. 
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1 10. The method of claim 9 wherein the step of initiating further 

2 includes: 

3 storing the auditor private key, the identity for the audit trail, and the 

4 initial record in a designated secured information storage accessible only by the 

5 auditor, 

6 wherein the stored auditor private key, the identity for the audit trail, and 

7 the initial record can be retrieved by the auditor and used with the writer public 

8 key accessible by the auditor to compute the values of the validation token for 

9 the records to verify against the integrated values of the validation token. 

1 11. The method of claim 8 wherein the step of updating further 

2 includes: 

3 updating the value of the writer private key through a hashing process; 

4 updating the value of the writer public key based on the updated writer 

5 private key; 

6 updating the value of the authentication token by a hashing process based 

7 on the updated value of the writer private key; and 

8 updating the value of the validation token through at least a hashing 

9 process and an encryption process, 

10 wherein the updated authentication token is used as an encryption key for 

1 1 the encryption process while updating the value of the validation token. 
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1 12. A computer program for providing at least one independent 

2 auditor an audit trail, the audit trail having one or more records recording 

3 actions taken against a database system, the integrity of the audit trail being 

4 vulnerable to actions taken by an access-privileged user other than the auditor, 

5 the database system having a writing machine (writer) not under the control of 

6 the access-privileged user or the auditor, the computer program comprising 



7 instructions for: 

8 integrating into each record a corresponding value of a validation token 

9 generated based on a first pair of public-private encryption keys generated by 

10 the writer and a second pair of public-private encryption keys generated by the 

1 1 auditor, 

12 wherein the writer has an access to the public encryption key of the 

13 second pair (auditor public key), and the auditor has an access to the public 

14 encryption key of the first pair (writer public key), 

15 wherein only the writer has an access to the private key of the first pair 

16 (writer private key), and only the auditor has an access to the private key of the 

17 second pair (auditor private key), and 

18 wherein the auditor has the ability to compute the values of the validation 

19 token for the records to verify against the integrated values of the validation 

20 token in order to detect a tampering of the audit trail by the access-privileged 

21 user. 
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1 13. The computer program of claim 12 wherein the means for 

2 integrating further includes instructions for: 

3 initiating the audit trail by generating an initial value of the authentication 

4 token and an initial value of the validation token for an initial record of the audit 

5 trail based on the writer public key and the auditor public key; and 

6 updating the values of the writer private key, the authentication token, 

7 and the validation token, 

8 wherein each updated value of the validation token is integrated into a 

9 corresponding record of the audit trail. 

1 14. The computer program of claim 13 wherein the means for initiating 

2 further includes instructions for: 

3 concatenating a predetermined identity for the audit trail, and a common 

4 initialization encryption key generated by the auditor with the auditor public 

5 key and the writer public key; and 

6 generating the initial value of the validation token through at least one 

7 hashing process and at least one encryption process using the concatenated 

8 result, 

9 wherein the initial value of the authentication token is used as an 

10 encryption key for the encryption process. 
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1 15. The computer program of claim 14 wherein the means for initiating 

2 further includes instructions for: 

3 storing the auditor private key, the identity for the audit trail, and the 

4 initial record in a designated secured information storage accessible only by the 

5 auditor, 

6 wherein the auditor private key, the identity for the audit trail, and the 

7 initial record can be retrieved by the auditor and used with the writer public key 

8 accessible by the auditor to compute the values of the validation token for the 

9 records to verify against the integrated values of the validation token. 

1 16. The computer program of claim 13 wherein the means for updating 

2 further includes instructions for: 

3 updating the value of the writer private key through a hashing process; 

4 updating the value of the writer public key based on the updated writer 

5 private key; 

6 updating the value of the authentication token by a hashing process based 

7 on the updated value of the writer private key; and 

8 updating the value of the validation token through at least a hashing 

9 process and an encryption process, 

10 wherein the updated authentication token is used as an encryption key for 

1 1 the encryption process while updating the value of the validation token. 
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1 17. A system for providing at least one independent auditor an audit 

2 trail, the audit trail having one or more records recording actions taken against a 

3 database, the integrity of the audit trail being vulnerable to actions taken by an 

4 access-privileged user other than the auditor, the database having a writing 

5 machine (writer) not under the control of the access-privileged user or the 

6 auditor, the system comprising means for: 



7 integrating into each record a corresponding value of a validation token 

8 generated based on a first pair of public-private encryption keys generated by 

9 the writer and a second pair of public-private encryption keys generated by the 

10 auditor, 

1 1 wherein the writer has an access to the public encryption key of the 

12 second pair (auditor public key), and the auditor has an access to the public 

1 3 encryption key of the first pair (writer public key), 

14 wherein only the writer has an access to the private key of the first pair 

1 5 (writer private key), and only the auditor has an access to the private key of the 

16 second pair (auditor private key), and 

17 wherein the auditor has the ability to compute the values of the validation 

1 8 token for the records to verify against the integrated values of the validation 

1 9 token in order to detect a tampering of the audit trail by the access-privileged 

20 user. 
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1 18. The system of claim 17 wherein the means for integrating further 

2 includes means for: 

3 initiating the audit trail by generating an initial value of the authentication 

4 token and an initial value of the validation token for an initial record of the audit 

5 trail based on the writer public key and the auditor public key; and 

6 updating the values of the writer private key, the authentication token, 

7 and the validation token, 

8 wherein each updated value of the validation token is integrated into a 

9 corresponding record of the audit trail 

1 19. The system of claim 18 wherein the means for initiating further 

2 includes means for: 

3 concatenating a predetermined identity for the audit trail, and a common 

4 initialization encryption key generated by the auditor with the auditor public 

5 key and the writer public key; and 

6 generating the initial value of the validation token through at least one 

7 hashing process and at least one encryption process using the concatenated 

8 result, 

9 wherein the initial value of the authentication token is used as an 

1 0 encryption key for the encryption process. 
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1 20. The system of claim 19 wherein the means for initiating further 

2 includes means for: 

3 storing the auditor private key, the identity for the audit trail, and the 

4 initial record in a designated secured information storage accessible only by the 

5 auditor, 

6 wherein the stored auditor private key, the identity for the audit trail, and 

7 the initial record can be retrieved by the auditor and used with the writer public 

8 key accessible by the auditor to compute the values of the validation token for 

9 the records to verify against the integrated values of the validation token. 

1 21 . The system of claim 18 wherein the means for updating further 

2 includes means for: 

3 updating the value of the writer private key through a hashing process; 

4 updating the value of the writer public key based on the updated writer 

5 private key; 

6 updating the value of the authentication token by a hashing process based 

7 on the updated value of the writer private key; and 

8 updating the value of the validation token through at least a hashing 

9 process and an encryption process, 

1 0 wherein the updated authentication token is used as an encryption key for 

1 1 the encryption process while updating the value of the validation token. 
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AN ASYMMETRIC SYSTEM AND METHOD FOR TAMPER-PROOF 
STORAGE OF AN AUDIT TRAIL FOR A DATABASE 



Abstract 

An asymmetric key based method and system is provided for a tamper- 
proof storage of one or more records of an audit trail for a database. The 
asymmetric key based key exchange mechanism is employed to arrive at a 

5 common key, which is then used to obtain the authentication and the validation 
tokens. The method creates one or more authentication token values, and 
generates one or more validation token values from the authentication token 
values through a combination of a hashing process and an encryption process. 
Once the validation token values are created, they are further integrated into the 

10 records in the database. When an authorized person such as an auditor who 
needs to check the integrity of the records, he can detect a tampering of the 
records by comparing a validation token value newly computed by him 
independently with the validation token value integrated in the record. 
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Full Name of First Inventor: Madhusudhana H.S. Murthv 

w^nr's^fltrtr^ H^^J^ Dated: lo/fS/Z*™ 

Residence: No. 52/6, 1 Cross. 20 Main, Marenah a11 Yr Vijayanaffer, Bangalore 560040 

Citizenship: India ■ — 

Post Office Address: No. 52/6, 1 Cross, 20 Main. Marenah aTly,. Vijavanager, Bangalore 56 



Full Name of Second Inventor: Andaman Tripathi . . . 

W^W. qjgnattire Dated: Q^£^ /3 ft ZaoO 

Residence; Trim Cottage. Landour , Mussoorie-24817 9. U.F., India 

Citizenship: India _ _™ 

Post Office Address: Trim Cottage. Landour, Mussoorie-248179, UP. , India 



